Addressing Concentration and Resilience Risk Across your Extended Supply Chain
Disaster has a way of bringing 'supply chain’ into the common lexicon. In the aftermath of the 2011 Tohoku earthquake, major companies including Apple and Toyota experienced shortages of components manufactured in Japan. At the beginning of the COVID-19 pandemic, we...
read more
Back To School – For Her PhD in Cybersecurity
We can tell you a lot more about going back to school for your PhD in Cybersecurity than we can about what back-to-school will look like for our own children this year. Higher education institutions around the world now offer cybersecurity degrees and research...
read more
Top Ten Tips for using Shared Assessments’ TPRM Toolkit in Virtual Assessments
The Covid-19 Pandemic quickly shifted our world to a virtual perspective. Remote workers, remote vendors, remote classes and even remote family get togethers. These changes are not seen as a temporary shift; global companies have announced no plans to require a return...
read more
Breaking Down the TPRM Implications of the E.U. Court of Justice Decision Invalidating Privacy Shield
Privacy, Surveillance, and Data Transfers to the United States are hitting the headlines in privacy and security circles. The C-Suite may be hearing about “Schrems II” and wonder what the hoopla is all about. Let's start at the beginning, with a quick timeline recap...
read more
Vetting Vendors – IoT Risk Due Diligence Questions – Critical Awareness, Authority & Engagement
We’ve been fielding many IoT (Internet of Things) questions this summer. Organizations who already use the SIG tool in their TPRM programs and organizations evaluating the SIG tool have asked us about the proper lines of inquiry around IoT. What questions do we need...
read more
When Bad Things Happen To Good Public Accounting Firms
Wirecard AG, headquartered in Munich, Germany, is a large, international payments processing fintech company. On June 19th, the Wall Street Journal reported that funds totaling approximately $2.1 Billion appeared to be missing from accounts held in trust for the...
read more
Role of ERM in Managing Risks Related to New Technologies
Shared Assessments new “Role of Enterprise Risk Management (ERM) in Managing Risks Related to New Technologies” briefing paper examines an under-investigated issue: the fact that most ERM programs have not focused on developing a systemic approach to understanding the...
read more
Procurement and the Office of the CISO Webinar Summary
Third-Party Risk Management programs need to support the requirements from both the Chief Procurement Officer and the Chief Information Security Officer. It is essential that these individuals along with their teams understand the risk that comes from vendors and...
read more
Financial Crime Risks: What A Vendor Manager Must Know About Sanctions and Money Laundering
Shared Assessments’ Continuous Monitoring Working Group recently convened to examine the risks from financial crime that a vendor manager must understand. Ken Wolckenhauer, head of vendor due diligence and review for the New York branch of Finland-based Nordea Bank,...
read more
Third Party 5G Risks & The Power of ‘And’
Sharp leaders deploy it, improv performers embrace it and fifth generation (5G) wireless technology depends on it. I’m referring to the power of “and.” Skim through any thought leadership concerning 5G’s massive potential to generate new business models and...
read more
